Database Reference
In-Depth Information
'select * from grant_test'
id | name
----+-------------
1 | Mocking Jay
2 | Henry Ford
(2 rows)
$CASSANDRA_HOME/bin/cqlsh -u testuser -p abc -k demo_cql -e
"insert into grant_test (id, name) values (42, 'fail me')"
<stdin>:1:code=2100 [Unauthorized] message="User testuser
has no MODIFY permission on <table demo_cql.grant_test> or
any of its parents"
Permission types and their scopes are as follows:
•
ALL
: This allows all types of queries to run on the entity or entities specified.
•
SELECT
: This allows just
SELECT
statements to be run by the specified user on
the specified entity.
•
CREATE
: This allows
CREATE
statements. The user can create a table in a key-
space if the user is given the
CREATE
permission to the keyspace. To create a
keyspace, the user needs to have the
CREATE
permission to all keyspaces.
•
MODIFY
: This allows the statements such as
INSERT
,
DELETE
,
UPDATE
, and
TRUNCATE
. Users permitted to modify an entity can run these statements/com-
mands without any constraints like the ones that the
CREATE
statement has.
•
ALTER
: This allows users to execute the
ALTER
statements and
CREATE
or
DROP
indexes.
•
DROP
: This allows you to drop keyspaces and tables.
